Events

Hands-on Windows Internals and Advanced Troubleshooting: 2006
San Francisco : September 18-22
Join Mark Russinovich and Dave Solomon for a 5-day hands-on seminar that takes you deep inside Windows with the Windows kernel debugger and Sysinternals tools like Process Explorer, Filemon and Regmon.

TechEd On-Demand Webcast: Windows Hang and Crash Dump Analysis
Watch the recording of Mark's top-rated TechEd session in this free webcast from Microsoft TechNet. Learn to analyze Microsoft Windows crash dumps, diagnose the cause, pinpoint a solution, and resolve the problem. Intended for system administrators, this webcast explains how system crashes occur and what happens when you reboot a crashed system. Mark leads you through the crash dump analysis process step by step, introducing the latest tools from Microsoft and handy tricks for isolating the cause of a crash.

What's New

Mark's Blog

July 18

July 11

TechEd On-Demand Webcast: Windows Hang and Crash Dump Analysis
Watch the recording of Mark's top-rated TechEd session in this free webcast from Microsoft TechNet.
Learn to analyze Microsoft Windows crash dumps, diagnose the cause, pinpoint a solution, and resolve the problem. Intended for system administrators, this webcast explains how system crashes occur and what happens when you reboot a crashed system. Mark leads you through the crash dump analysis process step by step, introducing the latest tools from Microsoft and handy tricks for isolating the cause of a crash.

July 10

Process Explorer v10.2This release targets Windows Vista with new integrity level and virtualized columns as well as a signed driver for 64-bit Vista for x64 processors.

June 22

ZoomIt v1.14
This ZoomIt update now bounds the drawing cursor so that you can't lose track of it off the screen and includes new context menu entries and mouse behaviors so that its fully controllable with just a mouse.

Autoruns v8.52
Autoruns now includes an autostart location that's used by malware to hijack the desktop background.

Apple Hi-Res Screen Dump
Mark's first magazine article, one he published in Compute! in 1985 that describes a program he wrote to dump Apple ][ hi-resolution screen contents to Epson printers, is now on line!

RootkitRevealer Top 100 Products of 2006
RootkitRevealer has earned a spot in PC World's top 100 products of the year (it might be #100, but its still in)! We're honored to be in the company of products like the Xbox 360 and the iPod.

June 6

AccessChk v2.0
AccessChk now has an option to dump security descriptors and also has support for showing and filtering Vista object Integrity Levels.

Handle v3.2
This Handle update includes an option for not prompting on handle closes and also reports the sharing flags configured for open files.

May 10

Process Explorer v10.11
Through support from HP, Process Explorer is now available on 64-bit Windows for Itanium-based systems to support increased market demand. In addition, this release adds I/O counter columns and process statistics, system-wide and per-process I/O history graphs, memory and I/O minigraphs, service permissions editing, and support for Vista process cycle counters.

April 18

AccessChk v1.03
This new security utility shows you what accesses that a user or group you specify has to files, Registry keys or Windows services.

ZoomIt v1.11
As a result of more field testing ZoomIt
now includes a break timer hotkey and tweaks to its drawing behavior.

April 10

DebugView v4.6
This DebugView release adds support for Windows Vista and fixes a buffer overflow that could occur when the option to force carriage returns is off.

PsService v2.2
PsService now includes an option to dump service security descriptors.

March 27

ZoomIt v1.0
ZoomIt is a presentation tool that let's you zoom the screen and move around, draw on a zoomed image, and display a fullscreen break countdown timer. Mark wrote it specifically for use during his presentations.

March 7

Autoruns v8.5
This new Autoruns release adds scanning of LSA security, notification, and authentication providers as well as Explorer protocol handlers and extensions.

March 2

The Sysinternals Newsletter
Another issue of the Sysinternals newsletter has gone out to update you on what's going on at Sysinternals.

February 22

Mark to Speak at Microsoft TechEd 2006
Mark is copresenting a preconference tutorial on advanced malware cleaning at TechEd US in Boston on June 12. In addition, he's delivering breakout sessions on topics including Vista kernel changes, troubleshooting with Filemon and Regmon, analyzing Windows crashes and hangs, Vista security changes, and advanced malware cleaning techniques.

February 14

Sysinternals Licensing Update
The Sysinternals freeware license page now explains scenarios under which a paid commercial license is required for use.